package com.pqtest.api.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.stereotype.Component;

@Configuration
@EnableResourceServer
public class Oauth2Resource extends ResourceServerConfigurerAdapter {
    @Override
    public void configure(HttpSecurity http) throws Exception{
//        http.authorizeRequests()
//                .antMatchers("/oauth/*").authenticated();
//                //.anyRequest().authenticated();

        http.exceptionHandling()
                //.authenticationEntryPoint(customAuthenticationEntryPoint)
                .and()
                .logout()
                .logoutUrl("/oauth/logout")
                .and()
                .authorizeRequests()
                .antMatchers("/oauth/**").permitAll()
                .antMatchers("/actuator/**").permitAll()
                .antMatchers("/account/password").authenticated()
                .antMatchers("/account/**").permitAll()
                .antMatchers("/users/**").authenticated()
                .antMatchers("/**/**").permitAll()
                .and()
                .httpBasic();
    }
}
